* [Buildroot] [PATCH 1/1] package/webkitgtk: security bump to version 2.36.3
@ 2022-05-30 22:01 Adrian Perez de Castro
2022-05-31 6:54 ` Thomas Petazzoni via buildroot
2022-06-07 12:17 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Adrian Perez de Castro @ 2022-05-30 22:01 UTC (permalink / raw)
To: buildroot; +Cc: Adrian Perez de Castro
Bugfix release, mostly with build fixes, media playback improvements,
an important fix for when using threaded rendering, and security patches
for CVE-2022-26700, CVE-2022-26709, CVE-2022-26717, CVE-2022-26716, and
CVE-2022-26719.
Release notes:
https://webkitgtk.org/2022/05/28/webkitgtk2.36.3-released.html
https://webkitgtk.org/2022/05/18/webkitgtk2.36.2-released.html
Accompanying security advisory:
https://webkitgtk.org/security/WSA-2022-0005.html
This also imports a build fix which has not made it into the release.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
---
...en-cross-building-for-64-bit-ARM-htt.patch | 32 +++++++++++++++++++
package/webkitgtk/webkitgtk.hash | 8 ++---
package/webkitgtk/webkitgtk.mk | 2 +-
3 files changed, 37 insertions(+), 5 deletions(-)
create mode 100644 package/webkitgtk/0001-Build-failure-when-cross-building-for-64-bit-ARM-htt.patch
diff --git a/package/webkitgtk/0001-Build-failure-when-cross-building-for-64-bit-ARM-htt.patch b/package/webkitgtk/0001-Build-failure-when-cross-building-for-64-bit-ARM-htt.patch
new file mode 100644
index 0000000000..7c9c8666ad
--- /dev/null
+++ b/package/webkitgtk/0001-Build-failure-when-cross-building-for-64-bit-ARM-htt.patch
@@ -0,0 +1,32 @@
+From b0c63502f004db68b485354967bb1c56c071f4eb Mon Sep 17 00:00:00 2001
+From: Adrian Perez de Castro <aperez@igalia.com>
+Date: Tue, 31 May 2022 00:48:21 +0300
+Subject: [PATCH] Build failure when cross-building for 64-bit ARM
+ https://bugs.webkit.org/show_bug.cgi?id=241109
+
+Unreviewed build fix.
+
+* Source/WebCore/bindings/js/JSDOMMapLike.cpp: Add missing
+ JavaScriptCore/HashMapImplInlines.h header inclusion.
+
+Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
+Upstream status: https://github.com/WebKit/WebKit/pull/1165
+---
+ Source/WebCore/bindings/js/JSDOMMapLike.cpp | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/Source/WebCore/bindings/js/JSDOMMapLike.cpp b/Source/WebCore/bindings/js/JSDOMMapLike.cpp
+index e132c39fa54..2cb4b1b59a3 100644
+--- a/Source/WebCore/bindings/js/JSDOMMapLike.cpp
++++ b/Source/WebCore/bindings/js/JSDOMMapLike.cpp
+@@ -28,6 +28,7 @@
+
+ #include "WebCoreJSClientData.h"
+ #include <JavaScriptCore/CatchScope.h>
++#include <JavaScriptCore/HashMapImplInlines.h>
+ #include <JavaScriptCore/JSMap.h>
+ #include <JavaScriptCore/VMTrapsInlines.h>
+
+--
+2.36.1
+
diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
index 00a342ed7f..1176bbc7a1 100644
--- a/package/webkitgtk/webkitgtk.hash
+++ b/package/webkitgtk/webkitgtk.hash
@@ -1,7 +1,7 @@
-# From https://webkitgtk.org/releases/webkitgtk-2.36.1.tar.xz.sums
-md5 e6100df7f82d95a4e65176b10f5ab011 webkitgtk-2.36.1.tar.xz
-sha1 36a95b906e54bcf94d2be04e1cbaac3584da7eb1 webkitgtk-2.36.1.tar.xz
-sha256 0149ea5fb1d20f2a9981677d45c952a047330001ea24a8dc29035239f12c0c8f webkitgtk-2.36.1.tar.xz
+# From https://webkitgtk.org/releases/webkitgtk-2.36.3.tar.xz.sums
+md5 8ad4b1bfbbe3115ee163a8b2ba7b908f webkitgtk-2.36.3.tar.xz
+sha1 59ee6ee820be360ad57391870fa158064091c525 webkitgtk-2.36.3.tar.xz
+sha256 732fcf8c4ec644b8ed28b46ebbd7c1ebab9d9e0afea9bdf5e5d12786afc478d1 webkitgtk-2.36.3.tar.xz
# Hashes for license files:
sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
index 9e85c5b78f..39b16a90e7 100644
--- a/package/webkitgtk/webkitgtk.mk
+++ b/package/webkitgtk/webkitgtk.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WEBKITGTK_VERSION = 2.36.1
+WEBKITGTK_VERSION = 2.36.3
WEBKITGTK_SITE = https://www.webkitgtk.org/releases
WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
WEBKITGTK_INSTALL_STAGING = YES
--
2.36.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/webkitgtk: security bump to version 2.36.3
2022-05-30 22:01 [Buildroot] [PATCH 1/1] package/webkitgtk: security bump to version 2.36.3 Adrian Perez de Castro
@ 2022-05-31 6:54 ` Thomas Petazzoni via buildroot
2022-06-07 12:17 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni via buildroot @ 2022-05-31 6:54 UTC (permalink / raw)
To: Adrian Perez de Castro; +Cc: buildroot
On Tue, 31 May 2022 01:01:41 +0300
Adrian Perez de Castro <aperez@igalia.com> wrote:
> Bugfix release, mostly with build fixes, media playback improvements,
> an important fix for when using threaded rendering, and security patches
> for CVE-2022-26700, CVE-2022-26709, CVE-2022-26717, CVE-2022-26716, and
> CVE-2022-26719.
>
> Release notes:
>
> https://webkitgtk.org/2022/05/28/webkitgtk2.36.3-released.html
> https://webkitgtk.org/2022/05/18/webkitgtk2.36.2-released.html
>
> Accompanying security advisory:
>
> https://webkitgtk.org/security/WSA-2022-0005.html
>
> This also imports a build fix which has not made it into the release.
>
> Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
> ---
> ...en-cross-building-for-64-bit-ARM-htt.patch | 32 +++++++++++++++++++
> package/webkitgtk/webkitgtk.hash | 8 ++---
> package/webkitgtk/webkitgtk.mk | 2 +-
> 3 files changed, 37 insertions(+), 5 deletions(-)
> create mode 100644 package/webkitgtk/0001-Build-failure-when-cross-building-for-64-bit-ARM-htt.patch
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/webkitgtk: security bump to version 2.36.3
2022-05-30 22:01 [Buildroot] [PATCH 1/1] package/webkitgtk: security bump to version 2.36.3 Adrian Perez de Castro
2022-05-31 6:54 ` Thomas Petazzoni via buildroot
@ 2022-06-07 12:17 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2022-06-07 12:17 UTC (permalink / raw)
To: Adrian Perez de Castro; +Cc: buildroot
>>>>> "Adrian" == Adrian Perez de Castro <aperez@igalia.com> writes:
> Bugfix release, mostly with build fixes, media playback improvements,
> an important fix for when using threaded rendering, and security patches
> for CVE-2022-26700, CVE-2022-26709, CVE-2022-26717, CVE-2022-26716, and
> CVE-2022-26719.
> Release notes:
> https://webkitgtk.org/2022/05/28/webkitgtk2.36.3-released.html
> https://webkitgtk.org/2022/05/18/webkitgtk2.36.2-released.html
> Accompanying security advisory:
> https://webkitgtk.org/security/WSA-2022-0005.html
> This also imports a build fix which has not made it into the release.
> Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Committed to 2022.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-06-07 12:17 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-30 22:01 [Buildroot] [PATCH 1/1] package/webkitgtk: security bump to version 2.36.3 Adrian Perez de Castro
2022-05-31 6:54 ` Thomas Petazzoni via buildroot
2022-06-07 12:17 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.